A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Contact: mailto:security@leo-skull.de
Expires: 2024-09-07T22:00:00.000Z
Encryption: https://keys.openpgp.org/vks/v1/by-fingerprint/D83A64F4505B6FB9F0DA65B8CE0A549A66A7B7FD
Preferred-Languages: de,en
Canonical: https://leo-skull.de/.well-known/security.txt

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEE2Dpk9FBbb7nw2mW4zgpUmmant/0FAmT7XtAACgkQzgpUmman
t/0gFA/+P8+8TlLB0KyubZqnVCdO/LHcKAL1JbisNN4HQXEF7hC8V5swJr07gI/B
LNuR6J42Af6BoQ/9kqIqjdjOSeyuICwdYXL5c/L//8rX3xTL712FBn6/1E4fhKwf
yIkI95fw1Vz4a9U9NB1WqdkemQ8gH+WezIA57/OQToKPSSE9p6Bj+6yiqb92F2de
qXodOgl25+uucjEMNS2kkIwZQu4lAShHhOkUat7QVnFTzV5bR0vIcUbDjDCj1DeY
PpxrcWdsK82VVuDq934ed6ImFawoP21Mx1itf3D/6tYsuFDkrR7UPf1D7zapwJMg
jmdFz2YV1h3AXowNNIgyvDcVnK3pY743XfR/v/bUl+NNZgZaUkgPZhu3Sv0Dv0EO
JdE4xO12UgHiyQohQ1mNk0qgjDGPSIGs+crw1SnXsMbWvI/BSOy049cztw2pCF/+
jPQoVW7lqr/o1nvaHZv4PJpbVj27qyWmWR906kDCXIY/sgHlVrh8rvsyk/E0j6ZS
sB1Za/z1IYLfzz9Dctu/r7NztWamfV4qWFUxzdh3L7tATE9GhecU4+Uxz2MXyuoF
LrFVDQ+ptr4PtuNuKgUUC1V4SdK8lVMTVsaLz21Dqb4+zfJOkYMphxw+meiiaVsH
Inee4o+Zx2MIyUkrpKudmJ94rgZ9b+tl1E1cs2zd0O9z8O3In3I=
=stUh
-----END PGP SIGNATURE-----